security fixes

author: netblue30 <netblue30@yahoo.com> 2017-01-04 18:13:45 -0500
committer: netblue30 <netblue30@yahoo.com> 2017-01-04 18:13:45 -0500
commit: e74fdab5d2125ce8f058c1630ce7cce19cbdac16 (patch)
tree: 9a293ccb85ee28e732f27ed72b0023178d2bdddf /src/firejail/pulseaudio.c
parent: Merge pull request #1021 from KOLANICH/fix_private-bin (diff)
download: firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.tar.gz
firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.tar.zst
firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.zip
1 files changed, 36 insertions, 9 deletions
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c
index b3a22bad9..14a7f03dd 100644
--- a/src/firejail/pulseaudio.c
+++ b/src/firejail/pulseaudio.c
@@ -127,11 +127,25 @@ void pulseaudio_init(void) {
        if (asprintf(&dir1, "%s/.config", cfg.homedir) == -1)
                errExit("asprintf");
        if (stat(dir1, &s) == -1) {
-                int rv = mkdir(dir1, 0755);
+                pid_t child = fork();
-                if (rv == 0) {
+                if (child < 0)
-                        if (set_perms(dir1, getuid(), getgid(), 0755))
+                        errExit("fork");
-                                {;} // do nothing
+                if (child == 0) {
+                        // drop privileges
+                        drop_privs(0);
+        
+                        int rv = mkdir(dir1, 0755);
+                        if (rv == 0) {
+                                if (set_perms(dir1, getuid(), getgid(), 0755))
+                                        {;} // do nothing
+                        }
+#ifdef HAVE_GCOV
+                        __gcov_flush();
+#endif
+                        _exit(0);
                }
+                // wait for the child to finish
+                waitpid(child, NULL, 0);
        }
        else {
                // make sure the directory is owned by the user
@@ -145,12 +159,25 @@ void pulseaudio_init(void) {
        if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
                errExit("asprintf");
        if (stat(dir1, &s) == -1) {
-                /* coverity[toctou] */
+                pid_t child = fork();
-                int rv = mkdir(dir1, 0700);
+                if (child < 0)
-                if (rv == 0) {
+                        errExit("fork");
-                        if (set_perms(dir1, getuid(), getgid(), 0700))
+                if (child == 0) {
-                                {;} // do nothing
+                        // drop privileges
+                        drop_privs(0);
+        
+                        int rv = mkdir(dir1, 0700);
+                        if (rv == 0) {
+                                if (set_perms(dir1, getuid(), getgid(), 0700))
+                                        {;} // do nothing
+                        }
+#ifdef HAVE_GCOV
+                        __gcov_flush();
+#endif
+                        _exit(0);
                }
+                // wait for the child to finish
+                waitpid(child, NULL, 0);
        }
        else {
                // make sure the directory is owned by the user
author	netblue30 <netblue30@yahoo.com>	2017-01-04 18:13:45 -0500
committer	netblue30 <netblue30@yahoo.com>	2017-01-04 18:13:45 -0500
commit	e74fdab5d2125ce8f058c1630ce7cce19cbdac16 (patch)
tree	9a293ccb85ee28e732f27ed72b0023178d2bdddf /src/firejail/pulseaudio.c
parent	Merge pull request #1021 from KOLANICH/fix_private-bin (diff)
download	firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.tar.gz firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.tar.zst firejail-e74fdab5d2125ce8f058c1630ce7cce19cbdac16.zip

diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index b3a22bad9..14a7f03dd 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c
@@ -127,11 +127,25 @@ void pulseaudio_init(void) {
127	if (asprintf(&dir1, "%s/.config", cfg.homedir) == -1)	127	if (asprintf(&dir1, "%s/.config", cfg.homedir) == -1)
128	errExit("asprintf");	128	errExit("asprintf");
129	if (stat(dir1, &s) == -1) {	129	if (stat(dir1, &s) == -1) {
130	int rv = mkdir(dir1, 0755);	130	pid_t child = fork();
131	if (rv == 0) {	131	if (child < 0)
132	if (set_perms(dir1, getuid(), getgid(), 0755))	132	errExit("fork");
133	{;} // do nothing	133	if (child == 0) {
		134	// drop privileges
		135	drop_privs(0);
		136
		137	int rv = mkdir(dir1, 0755);
		138	if (rv == 0) {
		139	if (set_perms(dir1, getuid(), getgid(), 0755))
		140	{;} // do nothing
		141	}
		142	#ifdef HAVE_GCOV
		143	__gcov_flush();
		144	#endif
		145	_exit(0);
134	}	146	}
		147	// wait for the child to finish
		148	waitpid(child, NULL, 0);
135	}	149	}
136	else {	150	else {
137	// make sure the directory is owned by the user	151	// make sure the directory is owned by the user
@@ -145,12 +159,25 @@ void pulseaudio_init(void) {
145	if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)	159	if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
146	errExit("asprintf");	160	errExit("asprintf");
147	if (stat(dir1, &s) == -1) {	161	if (stat(dir1, &s) == -1) {
148	/* coverity[toctou] */	162	pid_t child = fork();
149	int rv = mkdir(dir1, 0700);	163	if (child < 0)
150	if (rv == 0) {	164	errExit("fork");
151	if (set_perms(dir1, getuid(), getgid(), 0700))	165	if (child == 0) {
152	{;} // do nothing	166	// drop privileges
		167	drop_privs(0);
		168
		169	int rv = mkdir(dir1, 0700);
		170	if (rv == 0) {
		171	if (set_perms(dir1, getuid(), getgid(), 0700))
		172	{;} // do nothing
		173	}
		174	#ifdef HAVE_GCOV
		175	__gcov_flush();
		176	#endif
		177	_exit(0);
153	}	178	}
		179	// wait for the child to finish
		180	waitpid(child, NULL, 0);
154	}	181	}
155	else {	182	else {
156	// make sure the directory is owned by the user	183	// make sure the directory is owned by the user